package org.apache.jetspeed.services.rest;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.DELETE;
import javax.ws.rs.FormParam;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.QueryParam;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo;
import org.apache.jetspeed.Jetspeed;
import org.apache.jetspeed.JetspeedActions;
import org.apache.jetspeed.administration.PortalConfigurationConstants;
import org.apache.jetspeed.exception.JetspeedException;
import org.apache.jetspeed.layout.PortletActionSecurityBehavior;
import org.apache.jetspeed.om.folder.Folder;
import org.apache.jetspeed.page.PageManager;
import org.apache.jetspeed.profiler.Profiler;
import org.apache.jetspeed.profiler.rules.PrincipalRule;
import org.apache.jetspeed.profiler.rules.ProfilingRule;
import org.apache.jetspeed.request.RequestContext;
import org.apache.jetspeed.security.Group;
import org.apache.jetspeed.security.GroupManager;
import org.apache.jetspeed.security.JetspeedPrincipalQueryContext;
import org.apache.jetspeed.security.PasswordCredential;
import org.apache.jetspeed.security.Role;
import org.apache.jetspeed.security.RoleManager;
import org.apache.jetspeed.security.SecurityException;
import org.apache.jetspeed.security.User;
import org.apache.jetspeed.security.UserManager;
import org.apache.jetspeed.services.beans.UserDataTableBean;
import org.apache.jetspeed.services.beans.UserDetailBean;
import org.apache.pluto.container.P3PAttributes;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Path("/usermanager/")
/* loaded from: input_file:tomcat-portal.zip:webapps/jetspeed/WEB-INF/lib/jetspeed-portal-2.3.0.jar:org/apache/jetspeed/services/rest/UserManagerService.class */
public class UserManagerService extends AbstractRestService {
    private static Logger log = LoggerFactory.getLogger(UserManagerService.class);
    private UserManager userManager;
    private RoleManager roleManager;
    private GroupManager groupManager;
    private Profiler profiler;
    private PageManager pageManager;
    private PortletActionSecurityBehavior securityBehavior;

    public UserManagerService(UserManager userManager, RoleManager roleManager, GroupManager groupManager, Profiler profiler, PageManager pageManager, PortletActionSecurityBehavior portletActionSecurityBehavior) {
        super(portletActionSecurityBehavior);
        this.userManager = userManager;
        this.roleManager = roleManager;
        this.groupManager = groupManager;
        this.profiler = profiler;
        this.pageManager = pageManager;
    }

    @GET
    @Path("/users/")
    public UserDataTableBean findUsers(@Context HttpServletRequest httpServletRequest, @Context UriInfo uriInfo, @QueryParam("name") String str, @QueryParam("roles") List<String> list, @QueryParam("groups") List<String> list2, @QueryParam("start") long j, @QueryParam("results") long j2, @QueryParam("sort") String str2, @QueryParam("attribute_key") List<String> list3, @QueryParam("attribute_value") List<String> list4) {
        checkPrivilege(httpServletRequest, JetspeedActions.VIEW);
        HashMap hashMap = null;
        if (list3 != null && list3.size() > 0 && list3.size() == list4.size()) {
            hashMap = new HashMap();
            for (int i = 0; i < list3.size(); i++) {
                if (list4.get(i) != null && list4.get(i).length() > 0) {
                    hashMap.put(list3.get(i), list4.get(i));
                }
            }
        }
        JetspeedPrincipalQueryContext jetspeedPrincipalQueryContext = new JetspeedPrincipalQueryContext(str, j, j2, str2, list, list2, null, hashMap);
        try {
            UserDataTableBean userDataTableBean = new UserDataTableBean(this.userManager.getUsersExtended(jetspeedPrincipalQueryContext));
            userDataTableBean.setStartIndex(j);
            userDataTableBean.setPageSize(j2);
            userDataTableBean.setRecordsReturned(j2);
            userDataTableBean.setAvailableRules(getProfilingRuleNames());
            userDataTableBean.setTemplates(getUserTemplates());
            return userDataTableBean;
        } catch (SecurityException e) {
            if (log.isDebugEnabled()) {
                log.error("Error searching users:" + jetspeedPrincipalQueryContext, (Throwable) e);
                return null;
            }
            log.error("Error searching users:" + jetspeedPrincipalQueryContext + ". " + e);
            return null;
        }
    }

    @GET
    @Path("/users/{name}/")
    public UserDetailBean getUserByName(@Context HttpServletRequest httpServletRequest, @Context UriInfo uriInfo, @PathParam("name") String str) {
        checkPrivilege(httpServletRequest, JetspeedActions.VIEW);
        try {
            User user = this.userManager.getUser(str);
            return new UserDetailBean(user, this.userManager.getPasswordCredential(user), this.roleManager.getRolesForUser(user.getName()), this.groupManager.getGroupsForUser(user.getName()), this.roleManager.getRoleNames(null), this.groupManager.getGroupNames(null), getProfilingRuleForUser(user), getProfilingRuleNames());
        } catch (Exception e) {
            if (!log.isDebugEnabled()) {
                return null;
            }
            log.debug("Error requesting users datail data:" + str, (Throwable) e);
            return null;
        }
    }

    @POST
    @Path("/users/{name}/")
    public Boolean updateUserDetail(@Context HttpServletRequest httpServletRequest, @Context UriInfo uriInfo, @PathParam("name") String str, @FormParam("user_name_given") String str2, @FormParam("user_name_family") String str3, @FormParam("user_email") String str4, @FormParam("password") String str5, @FormParam("password_confirm") String str6, @FormParam("user_enabled") Boolean bool, @FormParam("credential_update_required") Boolean bool2, @FormParam("roles") List<String> list, @FormParam("groups") List<String> list2, @FormParam("rule") String str7) {
        checkPrivilege(httpServletRequest, JetspeedActions.VIEW);
        boolean z = false;
        if (str5 != null) {
            try {
                if (str5.length() > 0) {
                    if (!str5.equals(str6)) {
                        Response.ResponseBuilder status = Response.status(Response.Status.BAD_REQUEST);
                        status.type("text/plain");
                        status.entity("password.confirmation.failed");
                        throw new WebApplicationException(status.build());
                    }
                    z = true;
                }
            } catch (WebApplicationException e) {
                throw e;
            } catch (SecurityException e2) {
                Response.ResponseBuilder status2 = Response.status(Response.Status.BAD_REQUEST);
                status2.type("text/plain");
                status2.entity(e2.getKeyedMessage().getKey());
                throw new WebApplicationException(status2.build());
            } catch (Exception e3) {
                if (log.isErrorEnabled()) {
                    log.error("Error updating users :" + str, (Throwable) e3);
                }
                throw new WebApplicationException(e3);
            }
        }
        User user = this.userManager.getUser(str);
        user.getSecurityAttributes().getAttribute(P3PAttributes.USER_NAME_GIVEN, true).setStringValue(str2);
        user.getSecurityAttributes().getAttribute(P3PAttributes.USER_NAME_FAMILY, true).setStringValue(str3);
        user.getSecurityAttributes().getAttribute(P3PAttributes.USER_BUSINESS_INFO_ONLINE_EMAIL, true).setStringValue(str4);
        if (bool == null) {
            bool = false;
        }
        user.setEnabled(bool.booleanValue());
        this.userManager.updateUser(user);
        if (bool2 == null) {
            bool2 = false;
        }
        PasswordCredential passwordCredential = this.userManager.getPasswordCredential(user);
        if (z) {
            passwordCredential.setPassword(str5, false);
        }
        passwordCredential.setUpdateRequired(bool2.booleanValue());
        this.userManager.storePasswordCredential(passwordCredential);
        for (Role role : this.roleManager.getRolesForUser(user.getName())) {
            if (list == null || !list.contains(role.getName())) {
                this.roleManager.removeRoleFromUser(str, role.getName());
            } else {
                list.remove(role.getName());
            }
        }
        if (list != null) {
            Iterator<String> it = list.iterator();
            while (it.hasNext()) {
                this.roleManager.addRoleToUser(str, it.next());
            }
        }
        for (Group group : this.groupManager.getGroupsForUser(user.getName())) {
            if (list2 == null || !list2.contains(group.getName())) {
                this.groupManager.removeUserFromGroup(str, group.getName());
            } else {
                list2.remove(group.getName());
            }
        }
        if (list2 != null) {
            Iterator<String> it2 = list2.iterator();
            while (it2.hasNext()) {
                this.groupManager.addUserToGroup(str, it2.next());
            }
        }
        if (str7 == null || str7.trim().length() == 0) {
            PrincipalRule principalRule = null;
            Iterator<PrincipalRule> it3 = this.profiler.getRulesForPrincipal(user).iterator();
            while (true) {
                if (!it3.hasNext()) {
                    break;
                }
                PrincipalRule next = it3.next();
                if (next.getLocatorName().equals("page")) {
                    principalRule = next;
                    break;
                }
            }
            if (principalRule != null) {
                this.profiler.deletePrincipalRule(principalRule);
            }
        } else {
            ProfilingRule rule = this.profiler.getRule(str7);
            if (rule != null) {
                this.profiler.setRuleForPrincipal(user, rule, "page");
            } else {
                log.error("Failed to set profiling rule for principal. Invalid profiling rule: " + str7);
            }
        }
        return new Boolean(true);
    }

    @POST
    @Path("/users/")
    public Boolean createUser(@Context HttpServletRequest httpServletRequest, @Context UriInfo uriInfo, @FormParam("name") String str, @FormParam("user_name_given") String str2, @FormParam("user_name_family") String str3, @FormParam("user_email") String str4, @FormParam("password") String str5, @FormParam("password_confirm") String str6, @FormParam("credential_update_required") Boolean bool, @FormParam("newrule") String str7) {
        checkPrivilege(httpServletRequest, JetspeedActions.VIEW);
        boolean z = false;
        if (str5 != null) {
            try {
                if (str5.length() > 0) {
                    if (!str5.equals(str6)) {
                        Response.ResponseBuilder status = Response.status(Response.Status.BAD_REQUEST);
                        status.type("text/plain");
                        status.entity("password.confirmation.failed");
                        throw new WebApplicationException(status.build());
                    }
                    z = true;
                }
            } catch (WebApplicationException e) {
                throw e;
            } catch (SecurityException e2) {
                Response.ResponseBuilder status2 = Response.status(Response.Status.BAD_REQUEST);
                status2.type("text/plain");
                status2.entity(e2.getKeyedMessage().getKey());
                throw new WebApplicationException(status2.build());
            } catch (Exception e3) {
                if (log.isErrorEnabled()) {
                    log.error("Error creating users :" + str, (Throwable) e3);
                }
                throw new WebApplicationException(e3);
            }
        }
        User addUser = this.userManager.addUser(str);
        addUser.getSecurityAttributes().getAttribute(P3PAttributes.USER_NAME_GIVEN, true).setStringValue(str2);
        addUser.getSecurityAttributes().getAttribute(P3PAttributes.USER_NAME_FAMILY, true).setStringValue(str3);
        addUser.getSecurityAttributes().getAttribute(P3PAttributes.USER_BUSINESS_INFO_ONLINE_EMAIL, true).setStringValue(str4);
        this.userManager.updateUser(addUser);
        if (bool == null) {
            bool = false;
        }
        PasswordCredential passwordCredential = this.userManager.getPasswordCredential(addUser);
        if (z) {
            passwordCredential.setPassword(str5, false);
        }
        passwordCredential.setUpdateRequired(bool.booleanValue());
        this.userManager.storePasswordCredential(passwordCredential);
        for (String str8 : Jetspeed.getConfiguration().getStringArray(PortalConfigurationConstants.REGISTRATION_ROLES_DEFAULT)) {
            this.roleManager.addRoleToUser(str, str8);
        }
        if (str7 != null && str7.trim().length() > 0) {
            ProfilingRule rule = this.profiler.getRule(str7);
            if (rule != null) {
                this.profiler.setRuleForPrincipal(addUser, rule, "page");
            } else {
                log.error("Failed to set profiling rule for principal. Invalid profiling rule: " + str7);
            }
        }
        String string = Jetspeed.getConfiguration().getString(PortalConfigurationConstants.PSML_TEMPLATE_FOLDER);
        if (string != null && string.trim().length() != 0) {
            this.pageManager.deepCopyFolder(this.pageManager.getFolder(string), Folder.USER_FOLDER + str, str);
        }
        return new Boolean(true);
    }

    @Path("/users/{name}/")
    @DELETE
    public Boolean deleteUserByName(@Context HttpServletRequest httpServletRequest, @Context UriInfo uriInfo, @PathParam("name") String str) {
        checkPrivilege(httpServletRequest, JetspeedActions.VIEW);
        try {
            this.userManager.removeUser(str);
            return true;
        } catch (SecurityException e) {
            Response.ResponseBuilder status = Response.status(Response.Status.BAD_REQUEST);
            status.type("text/plain");
            status.entity(e.getKeyedMessage().getKey());
            throw new WebApplicationException(status.build());
        } catch (Exception e2) {
            if (log.isErrorEnabled()) {
                log.error("Error creating users :" + str, (Throwable) e2);
            }
            throw new WebApplicationException(e2);
        }
    }

    protected List<String> getProfilingRuleNames() {
        ArrayList arrayList = new ArrayList();
        arrayList.add("");
        Iterator<ProfilingRule> it = this.profiler.getRules().iterator();
        while (it.hasNext()) {
            arrayList.add(it.next().getId());
        }
        return arrayList;
    }

    protected String getProfilingRuleForUser(User user) {
        for (PrincipalRule principalRule : this.profiler.getRulesForPrincipal(user)) {
            if (principalRule.getLocatorName().equals("page")) {
                return principalRule.getProfilingRule().getId();
            }
        }
        return "";
    }

    protected List<String> getUserTemplates() {
        Jetspeed.getConfiguration().getString(PortalConfigurationConstants.PSML_TEMPLATE_FOLDER);
        ArrayList arrayList = new ArrayList();
        try {
            for (Folder folder : this.pageManager.getFolder(Folder.USER_TEMPLATE_FOLDER).getFolders()) {
                arrayList.add(folder.getShortTitle() == null ? folder.getTitle() == null ? folder.getName() : folder.getTitle() : folder.getShortTitle());
            }
        } catch (Exception e) {
            log.error("Failed to retrieve templates", (Throwable) e);
        }
        return arrayList;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.jetspeed.services.rest.AbstractRestService
    public void checkPrivilege(HttpServletRequest httpServletRequest, String str) {
        RequestContext requestContext = (RequestContext) httpServletRequest.getAttribute("org.apache.jetspeed.request.RequestContext");
        if (this.securityBehavior != null && !this.securityBehavior.checkAccess(requestContext, str)) {
            throw new WebApplicationException(new JetspeedException("Insufficient privilege to access this REST service."));
        }
    }
}
